-
c-ares (1.10.0-3ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: NAPTR parser out of bounds access
- debian/patches/CVE-2017-1000381.patch: check for sufficient data in
ares_parse_naptr_reply.c.
- CVE-2017-1000381
-- Marc Deslauriers <email address hidden> Tue, 27 Jun 2017 08:13:21 -0400
-
c-ares (1.10.0-3ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: denial of service and possible execution via hostname
with an escaped trailing dot (LP: #1629085)
- debian/patches/CVE-2016-5180.patch: properly handle escaped dot in
ares_create_query.c.
- CVE-2016-5180
-- Marc Deslauriers <email address hidden> Thu, 06 Oct 2016 10:15:11 -0400
-
c-ares (1.10.0-3) unstable; urgency=low
[ James McCoy ]
* Move debian/upstream to debian/upstream/metadata
[ Gregor Jasny ]
* Bump standards to 3.9.4 (no changes needed)
* Add missing man pages (Closes: #811241)
-- Gregor Jasny <email address hidden> Sat, 23 Jan 2016 22:22:32 +0100
-
c-ares (1.10.0-2) unstable; urgency=low
* Bump standards to v3.9.4 (no changes needed)
* Canonicalize Git VCS URL
* Prevent autoconf from mangling passed cflags
* Depend on debhelper 9
-- Gregor Jasny <email address hidden> Sun, 16 Jun 2013 13:38:58 +0200